Bug#726393: general: Possible malware infections in source packages

To: Thorsten Glaser <t.glaser@tarent.de>, 726393@bugs.debian.org
Cc: Thijs Kinkhorst <thijs@debian.org>
Subject: Bug#726393: general: Possible malware infections in source packages
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Sat, 19 Oct 2013 11:05:39 -0300
Message-id: <[🔎] 20131019140539.GC18564@khazad-dum.debian.net>
Reply-to: Henrique de Moraes Holschuh <hmh@debian.org>, 726393@bugs.debian.org
In-reply-to: <[🔎] alpine.DEB.2.10.1310181309520.4013@tglase.lan.tarent.de>
References: <[🔎] 20131015102815.23380.68872.reportbug@debian.F-Secure.com> <[🔎] 20131015105436.GA15762@keks.naturalnet.de> <[🔎] 54f73ee1a529788f845b9918870d74b3.squirrel@aphrodite.kinkhorst.nl> <[🔎] 2288634.F14KR057Sc@ylum> <[🔎] feddfe6413aac40df1f273906a8e30a2.squirrel@aphrodite.kinkhorst.nl> <[🔎] alpine.DEB.2.10.1310181309520.4013@tglase.lan.tarent.de>

On Fri, 18 Oct 2013, Thorsten Glaser wrote:
> On Tue, 15 Oct 2013, Thijs Kinkhorst wrote:
> > I'm still not sure why the virus contained in the source could not be
> > replaced by the EICAR test signature.
> 
> Because it’s not testing a virus scanner, but because the
> specific RFC822 message in question exhibited multiple problems
> in the code, due to the way it’s written/structured.

Then we could just defang it for good, replacing most of the virus
code with crap while preserving the "malformedness".

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- Bug#726393: general: Possible malware infections in source packages
  - From: Jarkko Palviainen <jarkko.palviainen@f-secure.com>
- Bug#726393: general: Possible malware infections in source packages
  - From: Dominik George <nik@naturalnet.de>
- Bug#726393: general: Possible malware infections in source packages
  - From: "Thijs Kinkhorst" <thijs@debian.org>
- Re: Bug#726393: general: Possible malware infections in source packages
  - From: Dominique Dumont <dod@debian.org>
- Re: Bug#726393: general: Possible malware infections in source packages
  - From: "Thijs Kinkhorst" <thijs@debian.org>
- Bug#726393: general: Possible malware infections in source packages
  - From: Thorsten Glaser <t.glaser@tarent.de>

Prev by Date: Re: Propose Release Goals (delayed ;) - xz compression
Next by Date: Re: skipping bioinformatics on some architectures ?
Previous by thread: Bug#726393: general: Possible malware infections in source packages
Next by thread: Bug#726393: general: Possible malware infections in source packages
Index(es):
- Date
- Thread